With no slowdown of cyberattacks in sight, global incident volumes continue to trend upward, according to new data from Accenture’s Cyber Investigations, Forensics and Response team.
The pandemic created the perfect storm for cybercriminals – shifts to remote working, a laxed remote workforce, plenty of anxiety around viruses and cures, financial stress, and more. Every last one of these factors works in the threat actor’s favor. And, according to a new article from Accenture, there are some specific continuing trends that may offer insight into where cybercriminals are placing their focus moving forward.
- The United States tops the list of targeted countries with 36%
- Ransomware dominates the list of cyberattacks at 38% (REvil topped the list of variants)
- Industries – 5 industries make up 60% of attacks in the last year: Consumer Goods & Services, Industrial, Banking, Travel & Hospitality, and Insurance (ransomware shared 4 of these 5 as top targeted industries, with Telecommunications sitting in for Travel & Hospitality)
- The largest targeted Enterprise company size (by revenue) was $1B – $9.9B
These attacks on enterprise organizations represent a monetary take so large, cybercriminal gangs have become brazen, willing to invest literally years of time and millions of dollars to find a way into victim organizations to hold them for ransom for sums even greater than what’s been invested.
While enterprise organizations aren’t alone in being targets of cyberattack, they should be taking special note of this data, as it says loudly and clearly “they’re coming for you.” Ransomware attacks still rely on successful phishing attacks that require user interaction to execute malicious code. Security Awareness Training is the only defense that engages the user to participate in corporate security, adding another layer to your defense in depth security strategy that helps stop the kinds of attacks Accenture is talking about.